Both sides previous revision
Previous revision
Next revision
|
Previous revision
Next revision
Both sides next revision
|
userdoc:tt_ipsec_vpn_apple_ios [2012/09/14 15:30] abelbeck |
userdoc:tt_ipsec_vpn_apple_ios [2012/09/14 15:50] abelbeck |
{{:userdoc:ipsec-xauth-credentials2.jpg?nolink|Credentials}} | {{:userdoc:ipsec-xauth-credentials2.jpg?nolink|Credentials}} |
| |
The Shrew Soft VPN Client (v2.1.7) does not support .p12 packages, so the unencrypted mb13.key, mb13.crt and ca.crt, must be installed somewhere the Shrew Soft VPN Client can find them. Be certain to transport the ".key" file securely. | The Shrew Soft VPN Client (v2.1.7) does not support password protected ''.p12'' packages, so the unencrypted ''mb13.key'', ''mb13.crt'' and ''ca.crt'', must be installed somewhere the Shrew Soft VPN Client can find them. Be certain to transport the ''mb13.key'' file securely. |
| |
| |
| |
Shrew Soft VPN Client (v2.1.7) example (Submitted by Tom Mazzotta): | **Shrew Soft VPN Client (v2.1.7) example: (Submitted by Tom Mazzotta)** |
| |
* The Shrew Soft VPN Client does not access certificates installed into the Windows certificate store, so you need to copy your certificate files to a folder where they can be found. The installer creates the folder C:\Documents and Settings\Administrator\My Documents\Shrew Soft VPN\certs, it is suggested to copy the CA cert (ca.crt), unencrypted client cert (mb13.crt), and private key(mb13.key) for the client cert, to that location. Select these files on the "Authentication | Credentials" tab. | The Shrew Soft VPN Client does not access certificates installed into the Windows certificate store, so you need to copy your certificate files to a folder where they can be found. The installer creates the folder: |
| |
* Technically the Shrew Soft VPN Client does support encrypted client certificates, but you need to enter the client p/w every time (a real pain), so it makes more sense to use the unencrypted key with this product. | C:\Documents and Settings\Administrator\My Documents\Shrew Soft VPN\certs |
| |
* To enable split tunneling, add the networks found on the LAN side of your Astlinux box to the list on the "Policy" tab (192.168.102.0/24 in this example). | It is suggested to copy the CA cert (''ca.crt''), client cert (''mb13.crt''), and client unencrypted private key (''mb13.key'') for the client cert, to that location. Select these files using the "Authentication | Credentials" tab. |
| |
| Technically the Shrew Soft VPN Client does support encrypted client certificates, but you need to enter the client p/w every time (a real pain), so it makes more sense to use the unencrypted key with this product. |
| |
| To enable split tunneling, add the networks found on the LAN side of your Astlinux box to the list on the "Policy" tab (192.168.102.0/24 in this example). |
| |
{{:userdoc:ipsec-xauth-shrew-soft-config1.jpg?nolink|Shrew Soft Configuration}} | {{:userdoc:ipsec-xauth-shrew-soft-config1.jpg?nolink|Shrew Soft Configuration}} |